
Global test beds for control, safety, security and dependability in ICT-Enabled Critical Infrastructures From SAFEGUARD Intrusion Detection Test Environment.


1 Global test beds for control, safety, security and dependability in ICT-Enabled Critical Infrastructures
From SAFEGUARD Intrusion Detection Test Environment to IRRIIS Information Sharing Testing Environment
Joint US-EU Workshop, Washington D.C., March 2006
Sandro Bologna – ENEA

2

3 Three Layers Model for the Critical Infrastructure
Layers: Organisational Layer; Cyber Layer; Physical Layer
Diagram labels: Intra-dependency; Inter-dependency

4 Three Layers Model for the Electrical Infrastructure
Electrical components: generators, transformers, breakers, connecting cables etc.
Control and supervisory hardware/software components (SCADA/EMS systems)
Electrical Power Operators; Independent System Operator for electricity planning and transmission
Infrastructures shown: National Electrical Power Transmission Infrastructure; Telecommunication Infrastructure; Oil/Gas Transport System Infrastructure; Foreign Electrical Transmission Infrastructure
Diagram labels: Intra-dependency; Inter-dependency

5 US CANADA BLACK-OUT Power System Outage Task Force Interim Report

6 SAFEGUARD vs. IRRIIS
SAFEGUARD is a collection of software agents developed to detect anomalies on the Cyber Layer of a single LCCI.
IRRIIS (MIT) is a system to support information coordination and information sharing between different LCCIs. This information concerns all three layers of an LCCI, with special emphasis on the organisational and cyber layers.
IRRIIS (MIT) could make use of some Safeguard Agents.

7 SAFEGUARD ARCHITECTURE
[Figure: Safeguard agent Architecture for Large Complex Critical Infrastructures (LCCIs)]
Agent levels: Low-level agents; High-level agents
Agents and components: Topology agent; Negotiation agent; MMI agent; Correlation agent; Action agent; Diagnosis wrappers; Intrusion Detection wrappers; Hybrid Anomaly Detection agents; Actuators
Infrastructures: Cyber Layer of Electricity Network; Home LCCIs; Other LCCIs (Foreign Electricity Networks, Telecommunication Networks)
Protection scopes: Network global protection; Local nodes protection
Legend: Commands and information; Information only

8 General layout of typical control and supervisory infrastructure of the electrical grid
[Figure labels]
Control and management layer (SCADA system): Control Centres (CNC, CC); Remote Units (SIA-R, SIA-C); Data Concentrator
Data management network: WAN (Wide Area Network)
Physical electrical layer (high-medium voltage): Physical Network; Area 1, Area 2, Area 3; Substations; Loads; Generator

9 SAFEGUARD Test Environment: distributed SCADA component emulation on a local network
[Figure labels]
Load-flow electrical grid simulator (e-Agorà)
Message "broker"
Detector recognising "invariants" in the data
Detector recognising event sequences
Port anomaly detector
Attack trees: design, execution, logs
Attack generator
SAFEGUARD agent execution platform
Emulated SCADA components on the Local Network: RTU 1, RTU 2, RTU 3, ... RTU n; Regional Control Centre; Regional Database; National Control Centre; National Database

10 SAFEGUARD Test Environment
Objectives:
To test the functionalities of the single Agents developed for reducing the vulnerabilities of a single infrastructure.
To test the overall architecture and information sharing among the different Agents for a single infrastructure.
To test the different algorithms implemented in low-level Agents (Neural-Network, Case Based Reasoning, Data Mining).

11 Physical Electric Grid Layer: e-Agora Simulator
The physical electric grid layer is simulated by the e-Agora electrical power-flow simulator (AIA).
It provides editing capabilities to edit an electrical network model.
It calculates the load flow of an electrical network model under all system conditions.
It can work in client-server mode: the algorithms to calculate the load flow reside on the server, while the network model resides on the client application.

12 SCADA Emulator Architecture
Control Center (CC) GUI DAC SIA-R-1 SIA-R-2 SIA-R-3 AD

13 Some examples of functionalities implemented in the SCADA emulator
Polling of Tele-Measures (every 4 seconds)
Sending of Tele-Commands (opening/closing breakers)
Receiving of Tele-Signals
All these functionalities generate EVENTS and DATA. They are monitored by the Safeguard System (Instrumentation).
Sending malicious attacks to disable a SIA-R Data
Sending message to re-start a SIA-R

14 SCADA Emulator Instrumentation
Diagram labels: SAFEGUARD System; Communication BUS SCADA-SAFEGUARD; Data/Events
Instrumentation: SCADA → SAFEGUARD
Recovery Actions: SAFEGUARD → SCADA

15 Attack Trees Editor and Scenarios Running Console
Attacks/faults Console:
Design attacks or faults in the form of a tree.
Generate from a tree all possible scenarios.
Run a scenario as a timed sequence of malicious actions or faults.
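The scenario generation described on this slide, as an added Python example that is not part of the original presentation or of the SAFEGUARD console. It assumes standard AND/OR attack-tree gates (the slide does not say which gate types the editor supports); the tree, leaf labels and delays are constructed for illustration and the leaves are labels only.

```python
from itertools import product

def leaf(action, delay_s):
    """A single fault or malicious action, fired delay_s seconds after the previous step."""
    return {"type": "LEAF", "action": action, "delay_s": delay_s}

def gate(kind, *children):
    """An AND gate (all children, in order) or an OR gate (any one child)."""
    return {"type": kind, "children": list(children)}

def scenarios(node):
    """Enumerate every scenario (ordered list of leaves) that satisfies the node."""
    if node["type"] == "LEAF":
        return [[node]]
    child_sets = [scenarios(c) for c in node["children"]]
    if node["type"] == "OR":    # one alternative is enough
        return [s for child in child_sets for s in child]
    if node["type"] == "AND":   # one scenario from each child, concatenated in order
        return [sum(combo, []) for combo in product(*child_sets)]
    raise ValueError(f"unknown node type: {node['type']}")

def schedule(scenario):
    """Turn a scenario into a timed sequence of (seconds_from_start, action)."""
    t, timeline = 0, []
    for step in scenario:
        t += step["delay_s"]
        timeline.append((t, step["action"]))
    return timeline

# Constructed tree using the slide vocabulary (labels only, hypothetical delays).
TREE = gate("AND",
    gate("OR",
        leaf("fault: breaker opens unexpectedly", 0),
        leaf("fault: tele-measure poll lost", 0)),
    leaf("attack: disable SIA-R-1", 8),
    gate("OR",
        leaf("recovery: re-start message to SIA-R-1", 4),
        leaf("no recovery action", 0)))

if __name__ == "__main__":
    for i, sc in enumerate(scenarios(TREE), 1):
        print(f"scenario {i}:")
        for t, action in schedule(sc):
            print(f"  t+{t:>2}s  {action}")
```

Each generated timeline is what a test run would replay against the emulator so that the detectors can be scored per scenario rather than per single event.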

16 IRRIIS Infrastructure Information Sharing
[Figure labels]
LCCI1: MIT 1, LCCI1 Application Server
LCCI2: MIT 2, LCCI2 Application Server
LCCI3: MIT 3, LCCI3 Application Server
LCCI4: MIT 4, LCCI4 Application Server
Other labels: Interdependency; Communication; MIT; LCCI Business Components; COMMUNICATION PROTOCOL; IRRIIS

17 IRRIIS MIT Implementation

18 IRRIIS Test Environment Objectives
To test the capabilities of the Middleware Improved Technology (MIT) components to exchange fast, reliable and secure information about the state of different infrastructures among the different operators.
To test information coordination and information sharing between different LCCIs.

19 IRRIIS Synthetic Simulation Environment

20 IRRIIS Synthetic Simulation Environment and Services Exchanging between two infrastructures (to study vulnerabilities and interdependency)
Figure labels: Electrical Infrastructure; Telecommunication Infrastructure; Telec. Contr. Centres; Telec. Traff. Simulator

21 IRRIIS Synthetic Simulation Environment Services Exchanging and MIT (to test and validate MIT components)
Figure labels: Electrical Infrastructure; Telecommunication Infrastructure; Telec. Contr. Centres; Telec. Traff. Simulator

22 POSSIBLE RESEARCH AREAS FOR A JOINT EU/US COLLABORATION
IRRIIS - WP3.6: International cooperation for benchmarking
Objectives:
Establish an international network for definition of benchmarks.
Definition of international benchmarks for at least two application areas.
Comparison of IRRIIS results with results from other projects.
Suggested Collaboration:
EU-IRRIIS Project, US-TRUST and US-TCIP work together to define common high quality benchmarks with high practical relevance.
Constraints:
To support international adaptation and wide cooperation, it is likely that the benchmark definitions shall be platform independent.

23 International Workshop on Complex Network and Infrastructure Protection (CNIP06)
March 28-29, Rome, Italy

